WO2025236157A1 - Procédés de communication, premier terminal, second terminal et dispositif et système de communication - Google Patents

Procédés de communication, premier terminal, second terminal et dispositif et système de communication

Info

Publication number
WO2025236157A1
WO2025236157A1 PCT/CN2024/092948 CN2024092948W WO2025236157A1 WO 2025236157 A1 WO2025236157 A1 WO 2025236157A1 CN 2024092948 W CN2024092948 W CN 2024092948W WO 2025236157 A1 WO2025236157 A1 WO 2025236157A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
information
key
encrypted
hop
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2024/092948
Other languages
English (en)
Chinese (zh)
Inventor
商正仪
陆伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Priority to PCT/CN2024/092948 priority Critical patent/WO2025236157A1/fr
Priority to CN202480001123.9A priority patent/CN118872303A/zh
Publication of WO2025236157A1 publication Critical patent/WO2025236157A1/fr
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/02Communication route or path selection, e.g. power-based or shortest path routing
    • H04W40/22Communication route or path selection, e.g. power-based or shortest path routing using selective relaying for reaching a BTS [Base Transceiver Station] or an access point
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/04Terminal devices adapted for relaying to or from another terminal or user

Definitions

  • This disclosure relates to the field of communication technology, and in particular to communication methods, first terminals, second terminals, communication equipment and systems.
  • This disclosure presents a communication method, a first terminal, a second terminal, a communication device, and a system.
  • a communication method executed by a first terminal, the first terminal being a terminal supporting multi-hop user terminal to network (UE-to-Network, U2N) services or a terminal supporting multi-hop user terminal to user terminal (UE-to-UE, U2U) services, the method comprising:
  • a first message is sent to a second terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • a communication method executed by a second terminal, the second terminal being a terminal supporting multi-hop U2N service or a terminal supporting multi-hop U2U service, the method comprising:
  • the system receives a first message sent by a first terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • a first terminal is provided, the first terminal being a terminal supporting multi-hop U2N services or a terminal supporting multi-hop U2U services, the first terminal comprising:
  • the transceiver module is configured to send a first message to a second terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • a second terminal is provided, the second terminal being a terminal supporting multi-hop U2N services or a terminal supporting multi-hop U2U services, the second terminal comprising:
  • the transceiver module is configured to receive a first message sent by a first terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • a communication device comprising:
  • One or more processors are One or more processors;
  • the communication device is used to execute the communication method proposed in the first or second aspect.
  • a communication system comprising:
  • the first terminal is configured to implement the communication method proposed in the first aspect
  • the second terminal is configured to implement the communication method proposed in the second aspect.
  • a storage medium stores instructions that, when executed on a communication device, cause the communication device to perform a communication method as described in the first or second aspect.
  • a computer program product comprising a computer program that, when executed by a communication device, implements the communication method as proposed in the first or second aspect.
  • the embodiments disclosed herein can protect the privacy of information in messages in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • Figure 1A is an exemplary schematic diagram of the architecture of a multi-hop U2N relay provided according to an embodiment of the present disclosure.
  • Figure 1B is an exemplary schematic diagram of the architecture of a multi-hop U2N relay provided according to an embodiment of the present disclosure.
  • Figure 1C is an exemplary schematic diagram of the architecture of a multi-hop U2U relay provided according to an embodiment of the present disclosure.
  • Figure 1D is an exemplary schematic diagram of the architecture of a multi-hop U2U relay provided according to an embodiment of the present disclosure.
  • Figure 1E is an exemplary schematic diagram of the architecture of a communication system provided according to an embodiment of the present disclosure.
  • Figure 2 is an exemplary interaction diagram of the communication method provided according to an embodiment of the present disclosure.
  • Figure 3A is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 3B is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 3C is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 4A is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 4B is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 4C is an exemplary flowchart of a communication method provided according to an embodiment of the present disclosure.
  • Figure 5 is an exemplary interaction diagram of the communication method provided according to an embodiment of the present disclosure.
  • Figure 6A is an exemplary interactive diagram of the communication method provided according to the architecture of the multi-hop U2N relay shown in Figure 1B.
  • Figure 6B is an exemplary interactive diagram of the communication method provided according to the architecture of the multi-hop U2U relay shown in Figure 1D.
  • Figure 7A is an exemplary schematic diagram of the structure of a first terminal provided according to an embodiment of the present disclosure.
  • Figure 7B is an exemplary schematic diagram of the structure of a second terminal provided according to an embodiment of the present disclosure.
  • Figure 8A is an exemplary schematic diagram of the structure of a communication device provided according to an embodiment of the present disclosure.
  • Figure 8B is an exemplary schematic diagram of the structure of a chip provided according to an embodiment of the present disclosure.
  • This disclosure presents a communication method, a first terminal, a second terminal, a communication device, and a system.
  • embodiments of this disclosure propose a communication method executed by a first terminal, wherein the first terminal is a terminal supporting multi-hop user terminal to network U2N service or a terminal supporting multi-hop user terminal to user terminal U2U service, the method comprising:
  • a first message is sent to a second terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • privacy protection is performed on the information in messages in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • the message carries encrypted first information, which is used to determine the path in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • the first information includes one of the following:
  • Transaction ID which is used to determine the path from the first terminal to the second terminal.
  • the first information may be path information or identification information.
  • the method further includes:
  • the second information is encrypted according to the key stream to obtain the encrypted information, wherein the second information includes the first information.
  • the information to be protected can be encrypted according to the key stream.
  • encryption can also be performed in other ways.
  • the second information further includes at least one of the following:
  • the second information may include RSC and/or user identification information, and therefore the RSC and/or user identification information can be encrypted and protected.
  • the first key is determined based on at least one of the following:
  • encryption can be performed based on security materials from the discovery phase, such as the first key being set as DUCK, DUSK, or long-term credentials.
  • the key stream is determined based on the first key and at least one of the following:
  • the key stream can be determined based on a first key, a UTC-based counter, bearer, direction information, and length information; alternatively, the key stream can also be determined based on a first key, a UTC-based counter, and RSC.
  • the key stream is set to the N least significant bits output by the key derivation function (KDF), where N is the total length of the second information.
  • KDF key derivation function
  • the length of the key stream is equal to the length of the information that needs to be protected.
  • this disclosure provides a communication method executed by a second terminal, wherein the second terminal supports multi-hop U2N.
  • the method includes: (The terminal providing the service or a terminal supporting multi-hop U2U services)
  • the system receives a first message sent by a first terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • the method further includes:
  • the encrypted information is decrypted according to the key stream to obtain second information, which includes the first information.
  • the second information further includes at least one of the following:
  • the method further includes at least one of the following:
  • the second information can be obtained by decrypting the encrypted information in the first message, and the second information obtained by decryption can be compared with the second information stored in the second terminal to determine whether to terminate the establishment of the PC5 link between the second terminal and the first terminal based on whether the decryption is successful or failed. In this way, the PC5 link between the first terminal and the second terminal can be established while protecting the privacy between the first terminal and the second terminal.
  • the first key is determined based on at least one of the following:
  • the key stream is determined based on the first key and at least one of the following:
  • the key stream is set to N least significant bits of the KDF output, where N is the total length of the second information.
  • this disclosure provides a first terminal, which is a terminal supporting multi-hop U2N service or a terminal supporting multi-hop U2U service, and the first terminal includes:
  • the transceiver module is configured to send a first message to a second terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • embodiments of this disclosure provide a second terminal, which is a terminal supporting multi-hop U2N services or a terminal supporting multi-hop U2U services, and the second terminal includes:
  • the transceiver module is configured to receive a first message sent by a first terminal.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • embodiments of this disclosure provide a communication device, comprising:
  • One or more processors are One or more processors;
  • the communication device is used to perform the method described in the optional implementation of the first or second aspect above.
  • embodiments of this disclosure provide a communication system, including:
  • the first terminal is configured to implement the method described in the optional implementation of the first aspect above;
  • the second terminal is configured to implement the method described in the optional implementation of the second aspect above.
  • embodiments of this disclosure provide a storage medium storing instructions that, when executed on a communication device, cause the communication device to perform the method as described in the optional implementations of the first or second aspect above.
  • embodiments of this disclosure provide a computer program product including a computer program that, when executed by a communication device, implements the method as described in the optional implementations of the first or second aspect above.
  • embodiments of this disclosure provide a chip or chip system.
  • the chip or chip system includes processing circuitry configured to perform the methods described in the optional implementations of the first or second aspects above.
  • first terminal, second terminal, communication equipment, communication system, storage medium, computer program product, chip, or chip system described above are all used to execute the methods proposed in the embodiments of this disclosure. Therefore, the beneficial effects that can be achieved can be referred to the beneficial effects in the corresponding methods, and will not be repeated here.
  • each step in a particular embodiment can be implemented as an independent embodiment, and the steps can be arbitrarily combined.
  • a solution after removing some steps in a particular embodiment can also be implemented as an independent embodiment, and the order of the steps in a particular embodiment can be arbitrarily interchanged.
  • the optional implementation methods in a particular embodiment can be arbitrarily combined; moreover, the embodiments can be arbitrarily combined, for example, some or all steps of different embodiments can be arbitrarily combined, and a particular embodiment can be arbitrarily combined with the optional implementation methods of other embodiments.
  • multiple refers to two or more.
  • the terms “at least one of”, “one or more”, “a plurality of”, “multiple”, etc., may be used interchangeably.
  • the notation "at least one of A and B", “A and/or B", “A in one case, B in another”, “in response to one case A, in response to another case B”, etc. may include the following technical solutions depending on the situation: in some embodiments, A (execute A regardless of B); in some embodiments, B (execute B regardless of A); in some embodiments, execution is selected from A and B (A and B are selectively executed); in some embodiments, A and B (both A and B are executed). The same applies when there are more branches such as A, B, C, etc.
  • the notation "A or B” may include the following technical solutions, depending on the situation: in some embodiments, A (execution of A regardless of B); in some embodiments, B (execution of B regardless of A); in some embodiments, execution is selected from A and B (A and B are selectively executed). The same applies when there are more branches such as A, B, C, etc.
  • the descriptive object is a "field,” the ordinal numbers preceding "field” in “first field” and “second field” do not restrict the position or order of the "fields.” "First” and “second” do not restrict whether the "fields” they modify are in the same message, nor do they restrict the order of "first field” and “second field.”
  • the descriptive object is a "level,” the ordinal numbers preceding "level” in “first level” and “second level” do not restrict the priority between “levels.”
  • the number of descriptive objects is not limited by ordinal numbers and can be one or more. For example, in “first device,” the number of "devices" can be one or more.
  • the objects modified by different prefixes can be the same or different.
  • first device and second device can be the same device or different devices, and their types can be the same or different.
  • first information and second information can be the same information or different information, and their content can be the same or different.
  • “including A,” “containing A,” “for indicating A,” and “carrying A” can be interpreted as directly carrying A or indirectly indicating A.
  • the terms “in response to...”, “in response to determining...”, “in the case of...”, “when...”, “if...”, “if...”, etc., can be used interchangeably.
  • the terms “greater than,” “greater than or equal to,” “not less than,” “more than,” “more than or equal to,” “not less than,” “higher than,” “higher than or equal to,” “not lower than,” and “above” can be used interchangeably, as can the terms “less than,” “less than or equal to,” “not greater than,” “less than,” “less than or equal to,” “not more than,” “lower than,” “lower than or equal to,” “not higher than,” and “below”.
  • the apparatus and device may be interpreted as physical or virtual, and their names are not limited to the names recorded in the embodiments. In some cases, they may also be understood as “equipment”, “device”, “circuit”, “network element”, “node”, “function”, “unit”, “section”, “system”, “network”, “chip”, “chip system”, “entity”, “body”, etc.
  • network can be interpreted as devices included in the network, such as access network devices, core network devices, etc.
  • access network device may also be referred to as “radio access network device (RAN device),”"base station (BS),”"radio base station,” or “fixed station.” In some embodiments, it may also be understood as “node,””accesspoint,””transmission point (TP),”"reception point (RP),” or “transmit and/or receive.” Transmission/reception point (TRP), panel, antenna panel, antenna array, cell, macro cell, small cell, femto cell, pico cell, sector, cell group, serving cell, carrier, component carrier, bandwidth part (BWP), etc.
  • RAN device radio access network device
  • BS base station
  • RP radio reception point
  • TRP Transmission/reception point
  • panel antenna panel, antenna array, cell, macro cell, small cell, femto cell, pico cell, sector, cell group, serving cell, carrier, component carrier, bandwidth part (BWP), etc.
  • terminal or “terminal device” may be referred to as "user equipment (UE),” “user terminal,” “mobile station (MS),” “mobile terminal (MT),” “subscriber station,” “mobile unit,” “subscriber unit,” “wireless unit,” “remote unit,” “mobile device,” “wireless device,” “wireless communication device,” “remote device,” “mobile subscriber station,” “access terminal,” “mobile terminal,” “wireless terminal,” “remote terminal,” “handset,” “user agent,” “mobile client,” “client,” etc.
  • UE user equipment
  • MS mobile station
  • MT mobile terminal
  • the acquisition of data, information, etc. may comply with the laws and regulations of the country where the location is situated.
  • data, information, etc. may be obtained with the user's consent.
  • each element, each row, or each column in the table of this disclosure can be implemented as an independent embodiment, and any combination of any element, any row, or any column can also be implemented as an independent embodiment.
  • Proximity-based services enable user terminals (UEs) to communicate directly with other UEs in their vicinity using the direct communication interface (PC5).
  • PC5 direct communication interface
  • Support for discovery, selection, authorization, connection establishment, and data transmission in single-hop ProSe UE-to-Network (U2N) and single-hop ProSe UE-to-UE (U2U) relay services has been addressed in previous versions.
  • FIG 1A is a schematic diagram of a multi-hop U2N relay architecture according to an embodiment of this disclosure.
  • the multi-hop U2N relay architecture includes: a remote UE, one or more intermediate relay terminals, and a U2N relay terminal.
  • the U2N relay terminal is connected to the network through a Uu interface.
  • the number of intermediate relay terminals is not limited.
  • Figure 1B is a schematic diagram of a multi-hop U2N relay architecture according to an embodiment of this disclosure.
  • the multi-hop U2N relay architecture includes: a remote UE, intermediate relay terminal 1, intermediate relay terminal 2, and a U2N relay terminal.
  • FIG. 1C is a schematic diagram of a multi-hop U2U relay architecture according to an embodiment of this disclosure.
  • the multi-hop U2U relay architecture includes: a source terminal, multiple U2U relay terminals, and a target terminal. In this embodiment of the disclosure, the number of U2U relay terminals is not limited.
  • Figure 1D is a schematic diagram of a multi-hop U2U relay architecture according to an embodiment of this disclosure. As shown in Figure 1D, the multi-hop U2U relay architecture includes: a source terminal, U2U relay terminal 1, U2U relay terminal 2, and a target terminal.
  • the aforementioned terminals include, but are not limited to, at least one of the following: mobile phone, wearable device, Internet of Things device, car with communication function, smart car, tablet computer, computer with wireless transceiver function, virtual reality (VR) terminal device, augmented reality (AR) terminal device, wireless terminal device in industrial control, wireless terminal device in self-driving, wireless terminal device in remote medical surgery, wireless terminal device in smart grid, wireless terminal device in transportation safety, wireless terminal device in smart city, and wireless terminal device in smart home.
  • VR virtual reality
  • AR augmented reality
  • the access network device is, for example, a node or device that connects a terminal to a wireless network.
  • the access network device may include, but is not limited to, at least one of the following in a 5G communication system: evolved Node B (eNB), next-generation evolved Node B (ng-eNB), next-generation Node B (gNB), node B (NB), home node B (HNB), home evolved node B (HeNB), radio backhaul device, radio network controller (RNC), base station controller (BSC), base transceiver station (BTS), base band unit (BBU), mobile switching center, base station in a 6G communication system, open RAN, cloud RAN, base station in other communication systems, and access node in a Wi-Fi system.
  • eNB evolved Node B
  • ng-eNB next-generation evolved Node B
  • gNB next-generation Node B
  • gNB next-generation Node B
  • NB node B
  • HNB home node B
  • HeNB home evolved
  • the access network device may be composed of a central unit (CU) and a distributed unit (DU).
  • the CU may also be called a control unit.
  • the CU-DU structure can separate the protocol layer of the access network device. Some protocol layer functions are centrally controlled by the CU, while the remaining part or all of the protocol layer functions are distributed in the DU and centrally controlled by the CU. However, this is not the only possibility.
  • the remote terminal or source terminal will send a message, which can be a request message (such as a Direct Communication Request (DCR) message) or other messages. If the remote terminal If messages between intermediate relay terminals, between intermediate relay terminals, or between an intermediate relay terminal and a U2N relay terminal are not protected, or if messages between the source terminal and a U2U relay terminal, between U2U relay terminals, or between a U2U relay terminal and the target terminal are not protected, the information carried in the messages may be tampered with or stolen. Therefore, embodiments of this disclosure propose a method for protecting messages in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • DCR Direct Communication Request
  • Figure 1E is a schematic diagram of the architecture of a communication system provided according to an embodiment of the present disclosure.
  • the communication system 100 includes a first terminal 101 and a second terminal 102.
  • Both the first terminal 101 and the second terminal 102 are terminals that support multi-hop U2N services or terminals that support multi-hop U2U services.
  • the first terminal and the second terminal are respectively the sender and receiver of a first message, and the first message sent by the first terminal is received by the second terminal.
  • the first message may be a DCR message or other messages.
  • the first terminal can be a remote terminal, or the first terminal can be any one of one or more intermediate relay terminals; the second terminal can be any one of one or more intermediate relay terminals, or the second terminal can be a U2N relay terminal.
  • the first terminal is a remote terminal and the second terminal is intermediate relay terminal 1; or, the first terminal is intermediate relay terminal 1 and the second terminal is intermediate relay terminal 2; or, the first terminal is intermediate relay terminal 2 and the second terminal is a U2N relay terminal.
  • the first terminal can be the source terminal, or the first terminal can be any one of multiple U2U relay terminals; the second terminal can be any one of multiple U2U relay terminals, or the second terminal can be the target terminal.
  • the first terminal is the source terminal and the second terminal is U2U relay terminal 1; or, the first terminal is U2U relay terminal 1 and the second terminal is U2U relay terminal 2; or, the first terminal is U2U relay terminal 2 and the second terminal is the target terminal.
  • Figure 2 is an interactive schematic diagram of the communication method provided according to an embodiment of the present disclosure. As shown in Figure 2, the present disclosure relates to a communication method, which includes:
  • Step S2101 The first terminal determines the key stream based on the first key.
  • the first terminal determines a first key and a key stream based on the first key.
  • the first key is an encryption key used for information in the first message.
  • the first message is a DCR message
  • the first key is an encryption key used for information in the DCR message, therefore it can be called a DCR key.
  • all or part of the information in the first message can be encrypted, thereby protecting all or part of the information in the first message.
  • the second information refers to all or part of the information in the first message, that is, the second information is the information in the first message that needs to be encrypted and protected.
  • the second information includes the first information, which is used to determine the path from the first terminal to the second terminal.
  • the second information includes the first information and at least one of the following:
  • the first key is determined based on at least one of the following:
  • the first message can be protected for privacy based on discovery security materials during the discovery phase.
  • the first key is set to DUCK/DUSK/long-term credentials.
  • the first key can be determined according to a preset priority.
  • the preset priority is: DUCK > DUSK > long-term credentials. If the first terminal is configured with DUCK, the first key is set to DUCK. If the first terminal is configured with DUSK but not with DUCK, the first key is set to DUSK. If the first terminal is configured with long-term credentials but not with DUCK and DUSK, the first key is set to long-term credentials. It should be understood that the above priorities are only examples.
  • the first terminal if the first terminal is not configured with DUCK, DUSK, and long-term credentials, the first message is unprotected, and steps S2101-S2102 can be skipped.
  • the first terminal sends the first message to the second terminal, and the first message includes unencrypted second information.
  • the second information includes the first information, therefore the first message includes unencrypted first information.
  • the key stream corresponding to the first key can be determined.
  • the key stream can be determined based solely on the first key, or it can be determined partially based on the first key (i.e., based on the first key and other information).
  • the above key stream can be determined based on a first key and at least one of the following:
  • directional information can be used to indicate up or down.
  • the length information may be the length of the second information, but is not limited thereto.
  • the above key stream is determined based on the first key, a UTC-based counter, bearer, direction information, and length information.
  • the key stream described above is determined based on a first key, a UTC-based counter, and RSC.
  • the key stream can be determined using the encryption algorithm specified in TS 33.501.
  • the key stream associated with that first key can be determined.
  • Step S2102 The first terminal encrypts the second information according to the key stream to obtain encrypted information.
  • the first terminal protects the privacy of the first message.
  • privacy protection can be achieved by encrypting all or part of the information (second information) in the first message using a key stream.
  • the first terminal encrypts the second information according to the aforementioned key stream to obtain encrypted information.
  • the second information includes the first information, which is used to determine the path from the first terminal to the second terminal. Therefore, the encrypted information obtained by encrypting the second information includes the encrypted first information. It should be understood that the second information here may be the same as the first information, or it may include other information besides the first information.
  • the first information includes one of the following:
  • Transaction ID which is used to determine the path from the first terminal to the second terminal.
  • the first information may include path information from the remote terminal to the U2N relay terminal, such as a list containing the identification information of each intermediate relay terminal.
  • the first information may include a transaction identifier, which may be an identifier obtained by mapping the identifier of the remote terminal and/or the identifier of the U2N relay terminal.
  • the intermediate relay terminal can determine the next-hop node based on the transaction identifier by searching all previously stored transaction identifiers.
  • the first information may include path information from the source terminal to the target terminal, such as a list containing the identification information of each U2U relay terminal.
  • the first information may include a transaction identifier, which may be an identifier obtained by mapping the identifier of the source terminal and/or the identifier of the target terminal.
  • the U2U relay terminal can determine the next-hop node based on the transaction identifier by searching all previously stored transaction identifiers.
  • the transaction identifier can be used initially in the discovery phase. Each time an intermediate relay terminal or U2U relay terminal receives a discovery message carrying the transaction identifier, it stores the identifier and records which terminal the message originated from. This transaction identifier can then be used in the subsequent communication phase. The first message is sent during the communication phase.
  • the first terminal can determine the next hop node, i.e., the path to the second terminal, based on the path information from the first terminal to the second terminal or based on the transaction identifier.
  • the second information may also include at least one of the following:
  • the encrypted information obtained after encrypting the second information includes:
  • the encrypted first message and also includes at least one of the following:
  • the user identification information may include, but is not limited to, at least one of the following:
  • PRUK ID ProSe Remote User Key ID
  • User information identifier (user info ID).
  • the PRUK ID may include, but is not limited to, the Control Plane ProSe Remote User Key ID (CP-PRUK ID) and/or the User Plane ProSe Remote User Key ID (UP-PRUK ID).
  • CP-PRUK ID Control Plane ProSe Remote User Key ID
  • UP-PRUK ID User Plane ProSe Remote User Key ID
  • the keystream described above is set to the N least significant bits of the Key Derivation Function (KDF) output, where N is the total length of the second information.
  • KDF Key Derivation Function
  • the second information includes the first information and RSC, then N is the total length of the first information and RSC.
  • the second information includes the PRUK ID, the first information, and RSC, then N is the total length of the PRUK ID, the first information, and RSC.
  • the first terminal encrypts the second information according to the aforementioned key stream. For example, the first terminal XORs the aforementioned key stream and the second information to obtain encrypted information.
  • the length of the aforementioned key stream is equal to the total length of PRUK ID, first information, and RSC.
  • the aforementioned key stream is XORed with PRUK ID, first information, and RSC to obtain encrypted information.
  • the first L bits of the aforementioned key stream (L being the length of RSC) are XORed with RSC, and then the remaining bits of the key stream are XORed with other information in the second information.
  • the encrypted information is obtained.
  • the first L1 bits of the key stream (L1 is the length of RSC) are XORed with RSC.
  • the middle L2 bits of the key stream (L2 is the length of PRUK ID) are XORed with PRUK ID.
  • the last L3 bits of the key stream (L3 is the length of the first information) are XORed with the first information to obtain the encrypted information.
  • the first terminal further performs integrity protection on the first message.
  • the first terminal calculates a message integrity check (MIC) using a second key based on the encrypted information; this MIC is included in the first message.
  • the second key can be a Discovery User Integrity Key (DUIK).
  • integrity protection is performed after privacy protection (encryption steps); in some embodiments, integrity protection may also be performed before privacy protection.
  • steps S2101 to S2102 are optional steps.
  • the first terminal can encrypt the second information in other ways to obtain encrypted information.
  • Step S2103 The first terminal sends a first message to the second terminal, the first message including the encrypted information.
  • the first message may also include MIC.
  • Step S2104 The second terminal determines the key stream based on the first key.
  • step S2104 can be found in the optional implementation of step S2101 in Figure 2, and will not be repeated here.
  • Step S2105 The second terminal decrypts the encrypted information according to the key stream.
  • the step of the second terminal decrypting the encrypted information according to the key stream corresponds to the step of the first terminal encrypting the second information according to the key stream.
  • the optional implementation of the decryption step in step S2105 can be found in the optional implementation of the encryption step in step S2102 of Figure 2, and will not be elaborated here.
  • the first terminal and the second terminal as the sender and receiver of the same message, use the same first key and key stream for encryption and decryption.
  • the second terminal decrypts the encrypted information based on the aforementioned keystream. For example, the second terminal XORs the keystream and the encrypted information to obtain the second information.
  • the encrypted information includes an encrypted PRUK ID, encrypted first information, and encrypted RSC
  • the keystream is XORed with the encrypted PRUK ID, encrypted first information, and encrypted RSC to obtain the second information.
  • the first L bits of the keystream (L being the length of the RSC) are XORed with the encrypted RSC, and then the remaining bits of the keystream are XORed with other encrypted information in the encrypted information to obtain the second information.
  • the encrypted information as an example, which includes the encrypted PRUK ID, the encrypted first information, and the encrypted RSC
  • the first L1 bits of the key stream (L1 being the length of the RSC) are XORed with the encrypted RSC.
  • the middle L2 bits of the key stream (L2 being the length of the PRUK ID) are XORed with the encrypted PRUK ID.
  • the last L3 bits of the key stream (L3 being the length of the first information) are XORed with the encrypted first information to obtain the second information.
  • the second terminal further performs integrity verification on the first message. Based on the encrypted information, the second terminal calculates the MIC using the second key. If the calculated MIC is the same as the MIC in the first message, the integrity verification passes; if the calculated MIC is different from the MIC in the first message, the integrity verification fails.
  • the integrity verification is performed before the privacy protection verification (decryption step). If the integrity verification fails, steps S2104 to S2107 may not be executed. In some embodiments, the integrity verification may also be performed after the privacy protection verification.
  • steps S2104 to S2105 are optional steps.
  • the first terminal can encrypt the second information in other ways to obtain encrypted information, and correspondingly, the second terminal can decrypt the encrypted information in other ways to obtain the second information.
  • Step S2106 The second terminal determines to terminate the establishment of the PC5 link between the second terminal and the first terminal based on the fact that the second information obtained after decryption is different from the stored second information.
  • the stored second information can be the second information carried in the discovery message.
  • the second information carried in the discovery message is stored.
  • the second information obtained after decryption differs from the stored second information in that at least one item in the second information obtained after decryption is different from the corresponding information in the stored second information.
  • the second information which includes PRUK ID, the first information, and RSC
  • PRUK ID obtained after decryption is different from the stored PRUK ID
  • the first information obtained after decryption is different from the stored first information
  • the RSC obtained after decryption is different from the stored RSC
  • Step S2107 The second terminal determines to terminate the establishment of the PC5 link between the second terminal and the first terminal based on the decryption failure.
  • the second terminal is unable to successfully reconstruct the second information using the decryption algorithm, it is determined that the decryption has failed.
  • steps S2106 to S2107 are optional steps.
  • the second information can be obtained by decrypting the encrypted information in the first message, and the second information obtained by decryption can be compared with the second information stored in the second terminal to determine whether to terminate the establishment of the PC5 link between the second terminal and the first terminal based on whether the decryption is successful or not. This allows the establishment of the first PC5 link to the second terminal to be completed while protecting the privacy between the first and second terminals. PC5 link between the terminal and the second terminal.
  • the second terminal continues to execute subsequent processes, such as sending the next message to the next hop node, based on the fact that the second information obtained after decryption is the same as the stored second information. For example, the second terminal acts as the sender of the next message, the next hop node acts as the receiver of the next message, the second terminal can act as a new first terminal, and the next hop node can act as a new second terminal, and privacy protection for the next message is performed in accordance with steps S2101 to S2107.
  • privacy protection is provided for information in messages in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • the messages carry encrypted first information, which is used to determine the path in multi-hop U2N relay and/or multi-hop U2U relay scenarios.
  • uplink can be used interchangeably, as can the terms “downlink”, “downlink”, and “physical downlink”, as well as the terms “sidelink”, “sidelink”, “sidelink communication”, “sidelink communication”, “direct connection”, “direct link”, “direct communication”, and “direct link communication”.
  • “get,” “obtain,” “receive,” “transmit,” “bidirectional transmission,” and “send and/or receive” can be used interchangeably and can be interpreted as receiving from other entities, obtaining from protocols, obtaining from higher layers, obtaining through self-processing, or autonomous implementation, among other meanings.
  • terms such as “certain,” “preset,” “default,” “set,” “indicated,” “a certain,” “any,” and “first” can be used interchangeably.
  • “Certain A,” “preset A,” “default A,” “set A,” “indicated A,” “a certain A,” “any A,” and “first A” can be interpreted as A pre-defined in a protocol or the like, or as A obtained through setting, configuration, or instruction, or as specific A, a certain A, any A, or first A, but are not limited thereto.
  • step S2103 can be implemented as an independent embodiment, as can step S2101+S2102+S2103, as can step S2103+S2104+S2105, as can step S2103+S2104+S2105+S2106, as can step S2103+S2104+S2105+S2107, as can step S2103+S2104+S2105+S2106+S2107, as can step S2103+S2106, as can step S2103+S2107, as can step S2103+S2106+S2107, as can step S2103+S2106+S2107, but are not limited thereto.
  • steps S2101-S2102 and S2104-S2107 are all optional, and one or more of these steps may be omitted or substituted in different embodiments.
  • Figure 3A is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 3A, the present disclosure relates to a communication method executed by a first terminal, including:
  • Step S3101 Determine the key stream based on the first key.
  • step S3101 can be found in the optional implementation of step S2101 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Step S3102 Encrypt the second information according to the key stream to obtain encrypted information.
  • step S3102 can be found in the optional implementation of step S2102 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Step S3103 Send the first message, which includes the encrypted information.
  • step S3103 can be found in the optional implementation of step S2103 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Figure 3B is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 3B, the present disclosure relates to a communication method executed by a first terminal, including:
  • Step S3201 Encrypt the second information to obtain encrypted information.
  • step S3201 can be found in the optional implementations of steps S2101 to S2102 in Figure 2, as well as other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • the second information may include first information used to determine the path from the first terminal to the second terminal.
  • the encrypted information includes the encrypted first information.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • the second information also includes at least one of the following:
  • the encrypted information also includes the encrypted RSC and/or the encrypted user identification information.
  • a key stream can be determined based on a first key, and the second information can be encrypted based on the key stream to obtain encrypted information.
  • encrypting the second information based on the key stream can include XORing the key stream with the second information.
  • the second information may also be encrypted in other ways, such as by using other encryption algorithms. This disclosure does not limit the encryption method.
  • Step S3202 Send the first message, which includes the encrypted information.
  • step S3202 can be found in the optional implementation of step S2103 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Figure 3C is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 3C, the present disclosure relates to a communication method executed by a first terminal, including:
  • Step S3301 Send the first message, which includes encrypted information.
  • step S3301 can be found in the optional implementation of step S2103 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • the first message includes encrypted information, which includes encrypted first information used to determine the path from the first terminal to the second terminal.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • a key stream can be determined based on a first key, and the second information can be encrypted based on the key stream to obtain encrypted information.
  • the second information includes the first information described above.
  • encrypting the second information based on the key stream can include XORing the key stream with the second information.
  • the second information may also be encrypted in other ways, such as by using other encryption algorithms. This disclosure does not limit the encryption method.
  • the second information also includes at least one of the following:
  • the encrypted information also includes the encrypted RSC and/or the encrypted user identification information.
  • the first key is determined based on at least one of the following:
  • the key stream is determined based on a first key and at least one of the following:
  • the key stream is set to the N least significant bits of the Key Derivation Function (KDF) output, where N is the total length of the second information.
  • KDF Key Derivation Function
  • Figure 4A is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 4A, the present disclosure relates to a communication method executed by a second terminal, including:
  • Step S4101 Receive the first message, which includes encrypted information.
  • step S4101 can be found in the optional implementation of step S2103 in Figure 2, as well as other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Step S4102 Determine the key stream based on the first key.
  • step S4102 can be found in the optional implementation of step S2104 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Step S4103 Decrypt the encrypted information according to the key stream.
  • step S4103 can be found in the optional implementation of step S2105 in Figure 2, as well as other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • the method further includes at least one of the following:
  • Figure 4B is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 4B, the present disclosure relates to a communication method executed by a second terminal, including:
  • Step S4201 Receive the first message, which includes encrypted information.
  • step S4201 can be found in the optional implementation of step S2103 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • Step S4202 Decrypt the encrypted information.
  • step S4202 can be found in the optional implementation of steps S2104 to S2105 in Figure 2, as well as other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • the encrypted information is obtained by encrypting the second information.
  • the second information may include the first information used to determine the path from the first terminal to the second terminal.
  • the encrypted information includes the encrypted first information.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • the second information also includes at least one of the following:
  • the encrypted information also includes the encrypted RSC and/or the encrypted user identification information.
  • a key stream can be determined based on a first key, and the encrypted information can be decrypted based on the key stream.
  • decrypting the encrypted information based on the key stream can include XORing the key stream with the encrypted information.
  • the encrypted information can also be decrypted in other ways, such as by using other decryption algorithms. This disclosure does not limit the decryption method.
  • the method further includes at least one of the following:
  • Figure 4C is a flowchart illustrating a communication method according to an embodiment of the present disclosure. As shown in Figure 4C, the present disclosure relates to a communication method executed by a second terminal, including:
  • Step S4301 Receive the first message, which includes encrypted information.
  • step S4301 can be found in the optional implementation of step S2103 in Figure 2 and other related parts in the embodiments involved in Figure 2, which will not be repeated here.
  • the encrypted information is obtained by encrypting the second information.
  • the second information may include the first information used to determine the path from the first terminal to the second terminal.
  • the encrypted information includes the encrypted first information.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • the second information also includes at least one of the following:
  • the encrypted information also includes the encrypted RSC and/or the encrypted user identification information.
  • a key stream can be determined based on a first key, and the encrypted information can be decrypted based on the key stream.
  • decrypting the encrypted information based on the key stream can include XORing the key stream with the encrypted information.
  • the encrypted information can also be decrypted in other ways, such as by using other decryption algorithms. This disclosure does not limit the decryption method.
  • the first key is determined based on at least one of the following:
  • the key stream is determined based on a first key and at least one of the following:
  • the key stream is set to the N least significant bits of the KDF output, where N is the total length of the second information.
  • the method further includes at least one of the following:
  • Figure 5 is an interactive schematic diagram of a communication method according to an embodiment of the present disclosure. As shown in Figure 5, the present disclosure relates to a communication method, which includes:
  • Step S5101 The first terminal encrypts the second information to obtain encrypted information.
  • step S5101 can be found in the optional implementations of steps S2101 to S2102 in Figure 2, the optional implementation of step S3201 in Figure 3B, and other related parts in the embodiments involved in Figures 2 and 3B, which will not be repeated here.
  • the second information includes the first information.
  • the first information is used to determine the path from the first terminal to the second terminal.
  • the encrypted information includes the encrypted first information.
  • the first information includes one of the following:
  • a transaction identifier which is used to determine the path from the first terminal to the second terminal.
  • the second information also includes at least one of the following:
  • the encrypted information also includes the encrypted RSC and/or the encrypted user identification information.
  • Step S5102 The first terminal sends a first message to the second terminal, the first message including the encrypted information.
  • step S5102 can be found in the optional implementations of step S2103 in Figure 2, the optional implementations of step S3202 in Figure 3B, the optional implementations of step S4201 in Figure 4B, and other related parts in the embodiments involved in Figures 2, 3B, and 4B, which will not be repeated here.
  • Step S5103 The second terminal decrypts the encrypted information.
  • step S5103 can be found in the optional implementations of steps S2104 to S2105 in Figure 2, the optional implementation of step S4202 in Figure 4B, and other related parts in the embodiments involved in Figures 2 and 4B, which will not be repeated here.
  • Figure 6A is an interactive schematic diagram illustrating the communication method based on the multi-hop U2N relay architecture shown in Figure 1B. As shown in Figure 6A, the communication method includes:
  • Step 1.1 The remote terminal sends the first DCR to the intermediate relay terminal 1.
  • the remote terminal connects to the nearest intermediate relay terminal 1 in the selected multi-hop path and sends a first DCR to intermediate relay terminal 1.
  • the first DCR includes route information or a transaction ID to indicate the selected multi-hop path.
  • the route information can be a list containing user info IDs of intermediate relay terminals.
  • the transaction ID is associated with the route information.
  • the first DCR also includes an RSC and a PRUK ID.
  • the remote terminal protects the first DCR by using discovery security materials, including integrity protection and/or privacy protection. Integrity protection of the first DCR is performed after privacy protection.
  • Discovery security materials are related to at least one of the following: RSC, direct discovery service for neighboring services, neighboring service query code, neighboring service response code, and neighboring service restricted code.
  • the DCR key is used as the encryption/decryption key.
  • the DCR key corresponds to the first key in the above embodiment.
  • the remote terminal encrypts the path information (or transaction identifier), PRUK ID, and RSC that need to be protected in the first DCR using the first DCR key to obtain the first encrypted information.
  • Optional encryption implementations are described below.
  • a DUIK is used as the protection key.
  • the remote terminal calculates the first MIC using the DUIK based on the first encrypted information, and the first MIC is contained in the first DCR.
  • Step 1.2 Intermediate relay terminal 1 sends the second DCR to intermediate relay terminal 2.
  • intermediate relay terminal 1 After receiving the first DCR sent by the remote terminal, intermediate relay terminal 1 verifies the first DCR by using discovered security materials, including integrity verification and/or privacy protection verification. The integrity verification of the first DCR is performed before the privacy protection verification.
  • intermediate relay terminal 1 calculates the second MIC using DUIK based on the first encrypted information in the first DCR, and compares the second MIC with the first MIC in the first DCR. If they are different, the integrity verification fails. If they are the same, privacy protection verification can be performed.
  • intermediate relay terminal 1 uses the first DCR key to decrypt the first encrypted information. Decryption is optional. The implementation method is described below. Intermediate relay terminal 1 compares the PRUK ID, path information (or transaction identifier), and RSC obtained after decryption with the values in the discovery message. If any one of the values does not match, the link establishment process is aborted.
  • Intermediate relay terminal 1 establishes a new PC5 connection with the next-hop node of the selected multi-hop path (i.e., intermediate relay terminal 2) and sends a second DCR to intermediate relay terminal 2.
  • Intermediate relay terminal 1 protects the second DCR by using discovery security materials, including integrity protection and/or privacy protection.
  • intermediate relay terminal 1 uses the second DCR key to encrypt the path information (or transaction identifier), PRUK ID, and RSC that need to be protected in the second DCR to obtain the second encrypted information.
  • the second DCR key may be the same as or different from the first DCR key.
  • intermediate relay terminal 1 calculates the third MIC using DUIK based on the second encryption information, and the third MIC is contained in the second DCR.
  • Step 1.3 Intermediate relay terminal 2 sends the third DCR to the U2N relay terminal.
  • intermediate relay terminal 2 After receiving the second DCR sent by intermediate relay terminal 1, intermediate relay terminal 2 verifies the second DCR by using discovery security materials, including integrity verification and/or privacy protection verification.
  • Intermediate relay terminal 2 establishes a new PC5 connection with the U2N relay terminal and sends a third DCR to the U2N relay terminal. Intermediate relay terminal 2 protects the third DCR by using discovered secure materials, including integrity protection and/or privacy protection.
  • step 1.2 The optional implementation methods for intermediate relay terminal 2 to verify the second DCR and protect the third DCR can be found in the optional implementation methods of step 1.2, and will not be repeated here.
  • Step 1.4 The U2N relay terminal sends the first Direct Communication Accept (DCA) to the intermediate relay terminal 2.
  • DCA Direct Communication Accept
  • the U2N relay terminal After receiving the third DCR from intermediate relay terminal 2, the U2N relay terminal verifies the third DCR by discovering security materials, including integrity verification and/or privacy protection verification. Optional implementations of the U2N relay terminal's verification of the third DCR can be found in step 1.2, and will not be elaborated here.
  • the U2N relay terminal sends the first DCA to the intermediate relay terminal 2.
  • Step 1.5 Intermediate relay terminal 2 sends the second DCA to intermediate relay terminal 1.
  • Step 1.6 Intermediate relay terminal 1 sends the third DCA to the remote terminal.
  • the optional implementation methods of encryption may include, but are not limited to, the following scheme 1 and scheme 2.
  • the terminal encrypts the PRUK ID, path information (or transaction identifier), and RSC as follows:
  • the DCR key is set to DUCK/DUSK/long-term credentials. If the terminal is not configured with DUCK/DUSK/long-term credentials, the DCR is unprotected and the following steps (2) to (3) are skipped.
  • the terminal encrypts the PRUK ID, path information (or transaction identifier), and RSC as follows:
  • the DCR key is set to DUCK. If the terminal is configured with DUSK but not with DUCK, the DCR key is set to DUSK. If the terminal is neither configured with DUCK nor DUSK, the DCR is unprotected and the following steps (2) to (3) are skipped.
  • the optional implementation methods for decryption may include, but are not limited to, the following scheme 1 and scheme 2.
  • the terminal decrypts the encrypted PRUK ID, encrypted path information (or transaction identifier), and encrypted RSC in the following manner:
  • the DCR key is set to DUCK/DUSK/long-term credentials. If the terminal is not configured with DUCK/DUSK/long-term credentials, the DCR is unprotected and the following steps (2) to (3) are skipped.
  • the terminal decrypts the encrypted PRUK ID, encrypted path information (or transaction identifier), and encrypted RSC in the following manner:
  • the DCR key is set to DUCK. If the terminal is configured with DUSK but not with DUCK, the DCR key is set to DUSK. If the terminal is neither configured with DUCK nor DUSK, the DCR is unprotected and the following steps (2) to (3) are skipped.
  • KDF Key Derivation Function
  • L0 UTC-based counter length (i.e., 0x00 0x04)
  • L1 the length of RSC (i.e., 0x00 0x03)
  • the input key for KDF is a 256-bit DCR key.
  • Figure 6B is a schematic diagram illustrating the communication method based on the multi-hop U2U relay architecture shown in Figure 1D.
  • the source terminal acts as the remote terminal, and its optional implementation can be found in the optional implementation of remote terminals.
  • the U2U relay terminal acts as the intermediate relay terminal, and its optional implementation can be found in the optional implementation of intermediate relay terminals.
  • the target terminal acts as the U2N relay terminal, and its optional implementation can be found in the optional implementation of U2N relay terminals.
  • the method includes:
  • Step 2.1 The source terminal sends the first DCR to U2U relay terminal 1.
  • step 2.1 can be found in the optional implementation of step 1.1 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • Step 2.2 U2U relay terminal 1 sends the second DCR to U2U relay terminal 2.
  • step 2.2 can be found in the optional implementation of step 1.2 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • Step 2.3 U2U relay terminal 2 sends the third DCR to the target terminal.
  • step 2.3 can be found in the optional implementation of step 1.3 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • Step 2.4 The target terminal sends the first DCA to the U2U relay terminal 2.
  • step 2.4 can be found in the optional implementation of step 1.4 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • Step 2.5 U2U relay terminal 2 sends the second DCA to U2U relay terminal 1.
  • step 2.5 please refer to the optional implementations of step 1.5 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • Step 2.6 U2U relay terminal 1 sends the third DCA to the source terminal.
  • step 2.6 please refer to the optional implementations of step 1.6 in Figure 6A and other related parts in the embodiments involved in Figure 6A, which will not be repeated here.
  • This disclosure also provides an apparatus for implementing any of the above methods.
  • an apparatus is provided that includes units or modules for implementing the steps performed by the terminal in any of the above methods.
  • another apparatus is provided that includes units or modules for implementing the steps performed by a network device (e.g., an access network device, a core network functional node, a core network device, etc.) in any of the above methods.
  • a network device e.g., an access network device, a core network functional node, a core network device, etc.
  • the division of units or modules in the above device is only a logical functional division. In actual implementation, they can be fully or partially integrated into a single physical entity, or they can be physically separated.
  • the units or modules in the device can be implemented by a processor calling software: for example, the device includes a processor connected to memory, the memory storing instructions, and the processor calling the instructions stored in memory to implement any of the above methods or to implement the functions of the units or modules in the above device.
  • the processor can be, for example, a general-purpose processor, such as a Central Processing Unit (CPU) or a microprocessor, and the memory can be internal or external to the device.
  • the units or modules in the device can be implemented as hardware circuits.
  • the functions of some or all units or modules can be implemented through the design of the hardware circuits, which can be understood as one or more processors; for example...
  • the aforementioned hardware circuit is an application-specific integrated circuit (ASIC).
  • ASIC application-specific integrated circuit
  • the aforementioned hardware circuit can be implemented using a programmable logic device (PLD). Taking a field-programmable gate array (FPGA) as an example, it can include a large number of logic gates. The connection relationships between these logic gates are configured through a configuration file, thereby realizing the functions of some or all of the above units or modules. All units or modules of the above device can be implemented entirely through processor-invoked software, entirely through hardware circuits, or partially through processor-invoked software with the remaining parts implemented through hardware circuits.
  • PLD programmable logic device
  • the processor is a circuit with signal processing capabilities.
  • the processor can be a circuit with instruction read and execute capabilities, such as a Central Processing Unit (CPU), a microprocessor, a graphics processing unit (GPU) (which can be understood as a microprocessor), or a digital signal processor (DSP).
  • the processor can implement certain functions through the logical relationships of hardware circuits. The logical relationships of the aforementioned hardware circuits are fixed or reconfigurable.
  • the processor is a hardware circuit implemented using an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), such as an FPGA.
  • ASIC application-specific integrated circuit
  • PLD programmable logic device
  • the process of the processor loading a configuration document and configuring the hardware circuit can be understood as the process of the processor loading instructions to implement the functions of some or all of the above units or modules.
  • it can also be hardware circuits designed for artificial intelligence, which can be understood as ASICs, such as Neural Network Processing Unit (NPU), Tensor Processing Unit (TPU), Deep Learning Processing Unit (DPU), etc.
  • ASICs such as Neural Network Processing Unit (NPU), Tensor Processing Unit (TPU), Deep Learning Processing Unit (DPU), etc.
  • Figure 7A is a schematic diagram of the structure of the first terminal proposed in an embodiment of this disclosure.
  • the first terminal 7100 may include at least one of a transceiver module 7101, a processing module 7102, etc.
  • the transceiver module is configured to send a first message to a second terminal, the first message including encrypted information, the encrypted information including encrypted first information, the first information being used to determine the path from the first terminal to the second terminal.
  • the transceiver module is used to perform at least one of the communication steps (e.g., step 2103, but not limited thereto) performed by the first terminal in any of the above methods, which will not be elaborated here.
  • the processing module is used to perform at least one of the other steps (e.g., steps S2101, S2102, but not limited thereto) performed by the first terminal in any of the above methods, which will not be elaborated here.
  • FIG. 7B is a schematic diagram of the structure of the second terminal proposed in an embodiment of this disclosure.
  • the second terminal 7200 may include at least one of a transceiver module 7201, a processing module 7202, etc.
  • the transceiver module is configured to receive a first message sent by a first terminal, the first message including encrypted information, the encrypted information including encrypted first information, the first information being used to determine the path from the first terminal to the second terminal.
  • the transceiver module is used to perform at least one of the communication steps such as sending and/or receiving performed by the second terminal in any of the above methods, which will not be elaborated here.
  • the processing module is used to perform at least one of the other steps performed by the second terminal in any of the above methods (e.g., steps S2104, S2105, S2106, S2107, but not limited thereto), which will not be elaborated here.
  • the transceiver module may include a transmitting module and/or a receiving module, which may be separate or integrated.
  • the transceiver module may be interchangeable with a transceiver.
  • the processing module may be a single module or may include multiple sub-modules.
  • the multiple sub-modules may each perform all or part of the steps required by the processing module.
  • the processing module may be interchangeable with a processor.
  • Figure 8A is a schematic diagram of the structure of the communication device 8100 proposed in an embodiment of this disclosure.
  • the communication device 8100 can be a terminal, or a chip, chip system, or processor that supports the terminal in implementing any of the above methods.
  • the communication device 8100 can be used to implement the methods described in the above method embodiments, and for details, please refer to the description in the above method embodiments.
  • the communication device 8100 includes one or more processors 8101.
  • the processor 8101 can be a general-purpose processor or a dedicated processor, such as a baseband processor or a central processing unit (CPU).
  • the baseband processor can be used to process communication protocols and communication data, while the CPU can be used to control communication devices (e.g., base stations, baseband chips, terminal devices, terminal device chips, DUs or CUs, etc.), execute programs, and process program data.
  • the communication device 8100 is used to execute any of the above methods.
  • the communication device 8100 further includes one or more memories 8102 for storing instructions.
  • the memories 8102 may also be located outside the communication device 8100.
  • the communication device 8100 further includes one or more transceivers 8103.
  • the transceivers 8103 perform at least one of the communication steps such as sending and/or receiving in the above method (e.g., step S2103, but not limited thereto), and the processor 8101 performs at least one of the other steps (e.g., step S2101, step S2102, step S2104, step S2105, step S2106, step S2107, but not limited thereto).
  • a transceiver may include a receiver and/or a transmitter, which may be separate or integrated.
  • the terms transceiver, transceiver unit, transceiver, transceiver circuit, etc. may be used interchangeably; the terms transmitter, transmitting unit, transmitter, transmitting circuit, etc., may be used interchangeably; and the terms receiver, receiving unit, receiver, receiving circuit, etc., may be used interchangeably.
  • the communication device 8100 may include one or more interface circuits 8104.
  • the interface circuit 8104 Connected to memory 8102, interface circuit 8104 can be used to receive signals from memory 8102 or other devices, and can be used to send signals to memory 8102 or other devices.
  • interface circuit 8104 can read instructions stored in memory 8102 and send the instructions to processor 8101.
  • the communication device 8100 described in the above embodiments may be a network device or a terminal, but the scope of the communication device 8100 described in this disclosure is not limited thereto, and the structure of the communication device 8100 may not be limited by FIG8A.
  • the communication device may be a standalone device or may be part of a larger device.
  • the communication device may be: (1) a standalone integrated circuit IC, or chip, or chip system or subsystem; (2) a collection of one or more ICs, optionally, the IC collection may also include storage components for storing data and programs; (3) an ASIC, such as a modem; (4) a module that can be embedded in other devices; (5) a receiver, terminal device, smart terminal device, cellular phone, wireless device, handheld device, mobile unit, vehicle device, network device, cloud device, artificial intelligence device, etc.; (6) others, etc.
  • Figure 8B is a schematic diagram of the structure of chip 8200 according to an embodiment of this disclosure.
  • the communication device 8100 can be a chip or a chip system, please refer to the schematic diagram of chip 8200 shown in Figure 8B, but it is not limited thereto.
  • Chip 8200 includes one or more processors 8201, which are used to perform any of the above methods.
  • chip 8200 further includes one or more interface circuits 8202.
  • the interface circuit 8202 is connected to memory 8203, and the interface circuit 8202 can be used to receive signals from memory 8203 or other devices, and the interface circuit 8202 can be used to send signals to memory 8203 or other devices.
  • the interface circuit 8202 can read instructions stored in memory 8203 and send the instructions to processor 8201.
  • the interface circuit 8202 performs at least one of the communication steps such as sending and/or receiving in the above method (e.g., step S2103, but not limited thereto), and the processor 8201 performs at least one of the other steps (e.g., step S2101, step S2102, step S2104, step S2105, step S2106, step S2107, but not limited thereto).
  • interface circuit In some embodiments, the terms interface circuit, interface, transceiver pin, transceiver, etc., can be used interchangeably.
  • chip 8200 further includes one or more memories 8203 for storing instructions.
  • all or part of the memories 8203 may be located outside of chip 8200.
  • This disclosure also proposes a storage medium storing instructions that, when executed on a communication device 8100, cause the communication device 8100 to perform any of the above methods.
  • the storage medium is an electronic storage medium.
  • the storage medium is a computer-readable storage medium, but not limited thereto; it may also be a storage medium readable by other devices.
  • the storage medium may be a non-transitory storage medium, but not limited thereto; it may also be a temporary storage medium.
  • This disclosure also provides a program product that, when executed by the communication device 8100, causes the communication device 8100 to perform any of the above methods.
  • the program product is a computer program product.
  • This disclosure also proposes a computer program that, when run on a computer, causes the computer to perform any of the above methods.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente divulgation concerne des procédés de communication, un premier terminal, un second terminal et un dispositif et un système de communication. Un procédé de communication comprend les étapes suivantes : un premier terminal envoie un premier message à un second terminal, le premier message comprenant des informations chiffrées, les informations chiffrées comprenant des premières informations chiffrées, les premières informations étant utilisées pour déterminer un trajet du premier terminal au second terminal, et le premier terminal étant un terminal prenant en charge un service U2N à sauts multiples ou un terminal prenant en charge un service U2U à sauts multiples. Les modes de réalisation de la présente divulgation permettent une protection de confidentialité pour des informations dans des messages dans un scénario de relais U2N à sauts multiples et/ou un scénario de relais U2U à sauts multiples.
PCT/CN2024/092948 2024-05-13 2024-05-13 Procédés de communication, premier terminal, second terminal et dispositif et système de communication Pending WO2025236157A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2024/092948 WO2025236157A1 (fr) 2024-05-13 2024-05-13 Procédés de communication, premier terminal, second terminal et dispositif et système de communication
CN202480001123.9A CN118872303A (zh) 2024-05-13 2024-05-13 通信方法、第一终端、第二终端、通信设备和系统

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2024/092948 WO2025236157A1 (fr) 2024-05-13 2024-05-13 Procédés de communication, premier terminal, second terminal et dispositif et système de communication

Publications (1)

Publication Number Publication Date
WO2025236157A1 true WO2025236157A1 (fr) 2025-11-20

Family

ID=93171794

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2024/092948 Pending WO2025236157A1 (fr) 2024-05-13 2024-05-13 Procédés de communication, premier terminal, second terminal et dispositif et système de communication

Country Status (2)

Country Link
CN (1) CN118872303A (fr)
WO (1) WO2025236157A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023117873A1 (fr) * 2021-12-22 2023-06-29 Telefonaktiebolaget Lm Ericsson (Publ) Identification de terminal pour communication à l'aide d'un dispositif terminal relais
US20230319682A1 (en) * 2020-12-09 2023-10-05 Huawei Technologies Co., Ltd. Routing method, apparatus, and system
WO2024050846A1 (fr) * 2022-09-09 2024-03-14 北京小米移动软件有限公司 Procédé et appareil de communication de proximité
CN117716735A (zh) * 2023-10-31 2024-03-15 北京小米移动软件有限公司 中继发现方法及通信设备、通信系统及存储介质

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230319682A1 (en) * 2020-12-09 2023-10-05 Huawei Technologies Co., Ltd. Routing method, apparatus, and system
CN117158114A (zh) * 2020-12-09 2023-12-01 华为技术有限公司 一种路由方法、装置以及系统
WO2023117873A1 (fr) * 2021-12-22 2023-06-29 Telefonaktiebolaget Lm Ericsson (Publ) Identification de terminal pour communication à l'aide d'un dispositif terminal relais
WO2024050846A1 (fr) * 2022-09-09 2024-03-14 北京小米移动软件有限公司 Procédé et appareil de communication de proximité
CN117716735A (zh) * 2023-10-31 2024-03-15 北京小米移动软件有限公司 中继发现方法及通信设备、通信系统及存储介质

Also Published As

Publication number Publication date
CN118872303A (zh) 2024-10-29

Similar Documents

Publication Publication Date Title
US10958631B2 (en) Method and system for providing security from a radio access network
EP2815598B1 (fr) Solution de sécurité permettant d'intégrer une interface radio wifi en réseau d'accès lte
CN113543126B (zh) 密钥获取方法及装置
TW201705780A (zh) 具有加密的網路可達性上下文的網路架構和安全
CN113412655A (zh) 一种信息传输方法及装置、网络设备、用户设备
US20250063348A1 (en) Key management method and communication apparatus
WO2025035417A1 (fr) Procédé de traitement d'informations, appareil et support de stockage
US12177658B2 (en) Methods and apparatus for secure voice communications
CN114584969B (zh) 基于关联加密的信息处理方法及装置
WO2025236157A1 (fr) Procédés de communication, premier terminal, second terminal et dispositif et système de communication
WO2025015513A1 (fr) Procédé de traitement d'informations, terminal, système de communication et support de stockage
WO2025010738A1 (fr) Procédé et appareil de communication sécurisée, dispositif de communication, système de communication et support de stockage
WO2026055945A1 (fr) Procédé de traitement de sécurité de données, dispositif de communication, système de communication, support de stockage et produit-programme
WO2026085823A1 (fr) Procédé de traitement de sécurité de données, dispositif de communication, système de communication, support de stockage et produit programme
WO2025010609A1 (fr) Procédé de traitement de communication et équipement utilisateur
WO2026031196A1 (fr) Procédé de communication, dispositif de réseau, terminal, système de communication, et support de stockage
WO2026055947A1 (fr) Procédé de traitement de sécurité de données, dispositif de communication, système de communication, support de stockage et produit-programme
WO2026036328A1 (fr) Procédé de traitement d'informations, dispositif de communication et support de stockage
WO2026025341A1 (fr) Procédés de transmission, dispositifs terminaux et dispositif de réseau
WO2026007094A1 (fr) Procédé de communication, premier dispositif de réseau, terminal, système de communication, et support de stockage
WO2023141914A1 (fr) Procédé et dispositif de protection d'informations
WO2025213303A1 (fr) Procédés de traitement d'informations, dispositif réseau, terminal, système de communication et support de stockage
WO2025166656A1 (fr) Procédé de communication, entité, dispositif de communication, système de communication et support de stockage
WO2025025060A1 (fr) Procédés d'authentification et dispositifs
WO2026065134A1 (fr) Procédés de communication, élément de réseau, terminal, dispositif et support de stockage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24938196

Country of ref document: EP

Kind code of ref document: A1